VeriSign signs .com for DNSSEC
making over 90 millions domains now set to benefit from DNS Security.

Two and half years after the first public warnings over DNS security, the .com domain is now secured with DNSSEC.

VeriSign announced that it has signed the .com top level domain (TLD) which could help to secure the more than 90 million registered .com domains. VeriSign's move follows years of effort and incremental steps toward securing DNS infrastructure.

DNS was first exposed to be at risk in the summer of 2008 when security researcher Dan Kaminsky detailed threats that could undermine the operation of the Internet. The risks exposed by Kaminsky could have enabled an attacker to spoof DNS information, potentially disrupting the normal flow of all information across the Internet.

Following Kaminsky's disclosure, DNSSEC was identified as the best long-term solution to help protect DNS. DNSSEC helps to mitigate the risk by providing additional security for DNS information to ensure its authenticity with cryptographically signed signatures.

Getting DNSSEC fully implemented across Internet infrastructure has been no easy task.

"By reaching this critical milestone in DNSSEC deployment, Verisign and the Internet community have made enormous strides in protecting the integrity of DNS data," said Pat Kane, senior vice president and general manager of Naming Services at Verisign in a statement. "But the threats against the Internet ecosystem -- whether targeting the DNS or elsewhere -- are unrelenting."

The DNSSEC implementation by VeriSign is part of the company's larger Project Apollo initiative. Apollo was first announced in March of 2010 as a $300 million effort to update DNS. The goal of Apollo is to build the infrastructure needed to handle the 4 quadrillion queries per day that the Internet's DNS structure will demand by 2020.